Skip to content

icholy/semgrepx

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

39 Commits

testdata

testdata

 
 

README.md

README.md

 
 

go.mod

go.mod

 
 

main.go

main.go

 
 

semgrep.go

semgrep.go

 
 

semgrep_test.go

semgrep_test.go

 
 

semgrepx.gif

semgrepx.gif

 
 

Repository files navigation

SEMGREPX

A tool for rewriting semgrep matches using externals tools

Installation:

If you have a Go toolchain installed, you can install the semgrepx binary like this:

go install github.com/icholy/semgrepx@latest

It will be placed in your GOBIN directory, which defaults to ~/go/bin. Depending on your install method, this may or may not already be in your PATH.

CLI:

Usage: semgrepx [flags] <command> [args...]
flags:
  -dir string
    	directory to run in (default ".")
  -file string
    	semgrep json file
  -lines
    	expand matches to full lines
  -retry int
    	number of retries (< 0 is unlimited)
  -trim
    	trim whitespace

How it works:

The provided command is executed for every semgrep match. The matched code is sent to the command's stdin. The matched code is replaced by the command's stdout.

Example:

# create a file of matches
semgrep -l go --pattern 'log.$A(...)' --json > matches.json

# rewrite all the matches using the llm tool
semgrepx llm 'update this go to use log.Printf' < matches.json
  • This example uses the llm tool.

Demo:

About

xargs for semgrep

choly.ca/post/semgrep-autofix-llm/

Topics

golang ai semgrep llm

Resources

Readme
Activity

Stars

16 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages